The Distributed Incident Management System (DIMS) project is intended to take
semi-automated sharing of structured threat information (MITRE's STIX
technology) to the next level of scale, building on the success of the Public
Regional Infrastructure Security Event Management (PRISEM) project [*] and
leveraging the tooling used by an existing community of operational security
professionals known as Trident. DIMS takes advantage of
the open message bus architecture used by PRISEM, features that support
identification of friend or foe, and the ability to integrate three data
sources maintained by PRISEM (network flow history, event history, and attacker
context history) to support the triage process, cross-organizational
correlation of events, and anonymization to promote privacy-sensitive sharing
of security event data. Working with use cases defined by MITRE and PRISEM
users, building features necessary to simplify structured information sharing,
and operationalizing them within these existing communities will allow DIMS
to fill existing gaps in capabilities and support existing missions that are
slowed down today by many complicated, manual processes.

The PRISEM project is being superseded by a not-for-profit known as the Public Infrastructure Security Collaboration and Exchange System (PISCES). The name PRISEM is being replaced where it occurs in DIMS documents as those documents are updated.